AI Pentest
Autonomous AI penetration testing scans and reports.
📄️ Create Pentest Assessment
Create a new AI pentest assessment in draft status with the given name, target, authentication, context, and scan configuration, and return the created record.
📄️ List Pentest Assessments
Return a paginated list of the client's pentest assessments sorted by creation date, controlled by the `page` and `page_size` query parameters.
📄️ Get Pentest Assessment
Return a single pentest assessment by ID for the authenticated client. Returns 404 when the pentest does not exist.
📄️ Update Pentest Assessment
Update the name, target, authentication, context, or scan configuration of a draft pentest. Returns 404 when the pentest does not exist and 409 when it is no longer in draft status.
📄️ Delete Pentest Assessment
Permanently delete a pentest assessment. Returns 404 when the pentest does not exist and 409 when it is currently running.
📄️ Trigger Pentest Scan
Start the pentest scan workflow after validating that a target URL is set, the AI Pentest connector is enabled, and an eligible verified domain exists (422 otherwise). Returns 404 when not found and 409 when the pentest is already running.
📄️ Cancel Running Pentest Scan
Mark a pending or running pentest as cancelled. Returns 404 when the pentest does not exist and 409 when it is not in a cancellable state.
📄️ Download Pentest Report
Stream the markdown report generated by Strix for this pentest as an attachment. Returns 404 when the pentest or its report is not available.
📄️ Get Pentest Logs
Return the accumulated Strix pod logs, pod name, and current status for a pentest. Returns 404 when the pentest does not exist.
📄️ Stream Pentest Logs
Stream new Strix pod log lines as Server-Sent Events while the pentest is pending or running, ending with a [SCAN_DONE] event. Returns 404 when the pentest does not exist.
📄️ Get Pentest Findings
Return all findings produced by a pentest together with the total count. Returns 404 when the pentest does not exist.
📄️ Get Live Browser Frame
Fetch a current JPEG browser screenshot from the running Strix pod HTTP API. Returns 409 when the pentest is not running and 503 when the pod is unreachable.
📄️ Download Pentest Screenshot
Return the stored pentest screenshot at the given zero-based index as a JPEG image. Returns 404 when the pentest or the requested screenshot does not exist.